Client authentication is critical for maintaining the integrity and security of electronic transactions and communications. However, existing authentication techniques can suffer from certain drawbacks. For example, a keyed-hash message authentication code (HMAC) protects the integrity and authenticity of a message via a cryptographic hash function in combination with a secret cryptographic key. However, the secret key must be shared between the sender and the receiver of the message, which increases the risk that the key is leaked. Also, solutions based on public key infrastructure (PKI), such as mutual SSL, are typically expensive to set up and maintain because such solutions typically require the maintenance of both private and public keys in a relatively insecure environment, such as a perimeter network. Furthermore, solutions like mutual SSL implement authentication at a level below the application level, making it difficult for higher-level applications to map a subject authenticated by such solutions to a principal that needs to be authenticated.
Embodiments of the present invention address these problems and other problems individually and collectively.